/*
 * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
 *
 * Copyright (C) 2022 Tencent.  All rights reserved.
 *
 * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
 *
 * A copy of the MIT License is included in this file.
 *
 *
 * Terms of the MIT License:
 * ---------------------------------------------------
 * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
 * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all copies or substantial portions of
 * the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
 * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */

package com.tencent.bkrepo.analyst.component.manager.trivy

import com.tencent.bkrepo.common.analysis.pojo.scanner.trivy.TrivyScanner
import com.tencent.bkrepo.common.analysis.pojo.scanner.trivy.VulnerabilityItem
import com.tencent.bkrepo.repository.constant.SYSTEM_USER
import com.tencent.bkrepo.analyst.component.manager.knowledgebase.TCve
import java.time.LocalDateTime
import java.util.Locale

object Converter {
    /**
     * 未计算cvss评分
     */
    private const val NO_CVSS_SCORE = 0.0

    fun convertToCve(vulnerabilityItem: VulnerabilityItem): TCve {
        return with(vulnerabilityItem) {
            val now = LocalDateTime.now()
            TCve(
                createdBy = SYSTEM_USER,
                createdDate = now,
                lastModifiedBy = SYSTEM_USER,
                lastModifiedDate = now,
                component = pkgName,
                versionEffected = installedVersion,
                versionFixed = fixedVersion,
                name = title,
                description = description,
                references = references ?: emptyList(),
                pocId = pocIdOf(vulnerabilityId),
                cveId = vulnerabilityId,
                cvssRank = severity,
                cvss = NO_CVSS_SCORE,
                cvssV3 = null,
                cvssV2 = null
            )
        }
    }

    private fun pocIdOf(vulnerabilityId: String) =
        "${TrivyScanner.TYPE.lowercase(Locale.getDefault())}-$vulnerabilityId"
}
